Search Results

Search found 549 results on 22 pages for 'sid h'.

Page 15/22 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Convert a colored PDF into a white/black

    - by polslinux
    On Debian Sid, I have a PDF with a blue background and yellow font. I've searched a lot on Super User but i haven't found anything useful for me. I have tried to convert the PDF into a grayscale one with: gs -o grayscale.pdf -sDEVICE=pdfwrite -sColorConversionStrategy=Gray -sProcessColorModel=DeviceGray -dCompatibilityLevel=1.4 colored.pdf The problem is that I obtain a PDF whit white fonts and dark grey background so I cannot print it. After that I tried: convert -density 96x96 gs2.pdf -density 96x96 -negate -compress zip inv.pdf I got a PDF with black fonts (and this is okay) and grey background (and this is not okay). What can I do to obtain a PDF with white background and black fonts?

    Read the article

  • wi-fi connection drops periodically for a few seconds

    - by sergiom
    I've read the similar question on wireless connections dropping, but no answer seems to apply to my case I have configured the wi-fi lan of my router to broadcast sid and use WPA-PSK. Every few minutes my wi-fi connection drops for a few seconds and then restores. When I use two computers and run a ping -n 50000 on both computers, I see that the connection drops at different times but with almost the same rate. the router is a zyxel, one pc runs windws vista and uses a USB wi-fi device from Belkin: F6D4050 the other one runs windows 7 is a Dell PC with an Intel(R) WiFi Link 5100 AGN there are no other wi-fi lans around

    Read the article

  • vim NERDTree shortcut to an existing function

    - by Ned Batchelder
    I want to use right-arrow to open a node in NERDtree. I see there is NERDTreeAddKeyMap, but I'm too much of a vimscript newb to know how to invoke it properly. I want right-arrow to invoke activateNode. I've done it by adding this line into NERD_tree.vim itself: exec "nnoremap <silent> <buffer> <Right> :call <SID>activateNode(0)<cr>" but I want to do it the right way in my .vimrc

    Read the article

  • SQL 2000 and group names

    - by Nasa
    I have a SQL 2000 server which has databases, under user section of the database object, I have some NT 4.0 groups. These groups were migrated over to Active Directory some time ago using ADMT with SID history. The original source domain groups have since been deleted. The access shown is olddomain\groupname. I don't know why, if they were ntfs permissions they would update automatically to target\groupname. The users in the AD domain still have access to the database as they are a member of the migrated group (Target\groupname). I was wondering 1) Why does the old group (source\groupname) show up as it doesn't exist anymore. But access is still granted to the target group? 2) Is there any easy way to update the group name from source\groupname to target\groupname? Thanks for any help.

    Read the article

  • How do I compile mercurial 1.5.2 on debian?

    - by Aaron Digulla
    I downloaded the files for Mercurial 1.5.2 from http://packages.debian.org/sid/mercurial (mercurial_1.5.2-1.debian.tar.gz, mercurial_1.5.2-1.dsc and mercurial_1.5.2.orig.tar.gz). How do I get a .deb package out of these? I tried to follow the instructions at http://www.debian.org/doc/maint-guide/ch-build.en.html but they don't work. I tried to unpack the two archives and run dpkg-buildpackage or debian/rules build but that fails with: dh --with quilt clean dh_testdir debian/rules override_dh_auto_clean make[1]: Entering directory `/home/user/packages/mercurial-deb' cp -a mercurial/__version__.py mercurial/__version__.py.save cp: cannot stat `mercurial/__version__.py': No such file or directory make[1]: *** [override_dh_auto_clean] Error 1 make[1]: Leaving directory `/home/user/packages/mercurial-deb' make: *** [clean] Error 2 That's because the directory mercurial is inside mercurial_1.5.2/. Why doesn't the build script cd into the right place? If I try ../debian/rules build, I get dh --with quilt build dh: cannot read debian/control: No such file or directory sigh How do I compile a package for debian???

    Read the article

  • How to update Sharepoint 2010 user profile for user whose account name has changed in AD?

    - by Daniel Root
    We have an issue with User Profile Sync in SharePoint 2010 when the following happens: A new user is added to AD (ie DOMAIN\jdoh) The user is synched successfully to SharePoint Time passes The user's account name is changed in AD (ie because it was originally misspelled: DOMAIN\jdoe) The user is re-synced to SharePoint The behavior appears to be that the account name is not changed. In the above example, accountname will continue to be DOMAIN\jdoh in SharePoint, though other properties are synced correctly- I would assume by SID. This means that the users' my profile and mysite links still refer to the 'old' name (ie Person.aspx?accountname=Domain\jdoh). What steps should be taken to fix this in SharePoint when an account name is changed in AD?

    Read the article

  • The security database on the server does not have a computer account for this workstation trust relationship

    - by alex
    I have a Server 2008 machine called OTTO I recently, by mistake, booted up an old machine, also called OTTO (the hardware was unstable, so the new one was set up to take it's place) I shut down the old machine, turned it off, and recycled it (it won't ever be back on) Now, whenever i try to log in to the real OTTO with the domain account (mydomain\Administrator) i get the following error: The security database on the server does not have a computer account for this workstation What can I do to fix this? It doesn't appear in active directory any more I've added it, but I'm guessing this had no effect, due to a different SID I can log in as the local administrator however

    Read the article

  • Intraforest user account merge with Active Directory

    - by Neobyte
    I have a scenario where there is a root domain (RD) and two child domains (CD1 and CD2). Users have accounts on both CD1 and CD2, with identical samAccountNames, names etc, and various applications either use the CD1 or CD2 account for authentication to resources. I need to collapse CD2 into CD1, so I want to merge the accounts together. However ADMT does not allow me this option (merge options are greyed out), I think because it does not support intraforest merge of accounts (although it does not explicitly state this anywhere in the documentation). My question is - what is the easiest way for me to merge these accounts? Ultimately all I really need (I think) is for the SID of CD2\user1 to be added to the SIDHistory of CD1\user1 - is there a tool that supports this? Computer accounts and profiles are not a concern for this scenario. Group migration is unlikely to be an issue either - CD2\user1 is usually granted resource access through membership of a group on CD1.

    Read the article

  • Kiosk view of remote machine X11vnc

    - by Swapnil
    I need to connect to a remote machine through vnc viewer applet embedded in a webpage. The remote machine will host a program running on the desktop connected through the viewer. I need to enable the viewers to view only the running application program without access to any other feature such as the desktop and/or the task bar. How can I achieve this? BTW, I am experimenting with x11vnc -id, -sid command options, but got no desired view. Please help as I am in a bit urgency.

    Read the article

  • MPlayer does not work

    - by Soham Pal
    Using the xubuntu desktop, on Ubuntu Raring updated from Quantal. MPlayer never really worked. No video, no audio, nothing. I really can't be any more helpful, so here's the log: petey@home-pc:~$ mplayer "/home/petey/Downloads/Polar Bear Cafe (480p)HorribleSubs]/[HorribleSubs] Polar Bear Cafe - 01 [480p].mkv" MPlayer SVN-r35984-4.7 (C) 2000-2013 MPlayer Team Playing /home/petey/Downloads/Polar Bear Cafe (480p)[HorribleSubs]/[HorribleSubs] Polar Bear Cafe - 01 [480p].mkv. libavformat version 55.0.100 (internal) libavformat file format detected. [lavf] stream 0: video (h264), -vid 0 [lavf] stream 1: audio (aac), -aid 0 [lavf] stream 2: subtitle (ass), -sid 0 VIDEO: [H264] 848x480 0bpp 23.810 fps 0.0 kbps ( 0.0 kbyte/s) Clip info: creation_time: 2012-04-05 21:36:10 Load subtitles in /home/petey/Downloads/Polar Bear Cafe (480p)[HorribleSubs]/ Can't open /dev/fb0: Permission denied [fbdev2] Can't open /dev/fb0: Permission denied VO: [v4l2] No such file or directory vo_cvidix: No vidix driver name provided, probing available ones (-v option for details)! [cyberblade] Error occurred during pci scan: Operation not permitted [mach64] Error occurred during pci scan: Operation not permitted [mga] Error occurred during pci scan: Operation not permitted [mga] Error occurred during pci scan: Operation not permitted [nvidia_vid] Error occurred during pci scan: Operation not permitted [pm3] Error occurred during pci scan: Operation not permitted [radeon] Error occurred during pci scan: Operation not permitted [rage128] Error occurred during pci scan: Operation not permitted [s3_vid] Error occurred during pci scan: Operation not permitted [SiS] Error occurred during pci scan: Operation not permitted [unichrome] Error occurred during pci scan: Operation not permitted [VO_SUB_VIDIX] Couldn't find working VIDIX driver. ========================================================================== Opening video decoder: [ffmpeg] FFmpeg's libavcodec codec family libavcodec version 55.0.100 (internal) Selected video codec: [ffh264] vfm: ffmpeg (FFmpeg H.264) ========================================================================== ========================================================================== Opening audio decoder: [ffmpeg] FFmpeg/libavcodec audio decoders AUDIO: 44100 Hz, 2 ch, floatle, 0.0 kbit/0.00% (ratio: 0->352800) Selected audio codec: [ffaac] afm: ffmpeg (FFmpeg AAC (MPEG-2/MPEG-4 Audio)) ========================================================================== [AO OSS] audio_setup: Can't open audio device /dev/dsp: No such file or directory DVB card number must be between 1 and 4 AO: [null] 44100Hz 2ch floatle (4 bytes per sample) Starting playback... Movie-Aspect is 1.78:1 - prescaling to correct movie aspect. VO: [null] 848x480 = 854x480 Planar YV12 A: 4.7 V: 4.7 A-V: 0.002 ct: 0.083 0/ 0 22% 0% 0.5% 0 0 MPlayer interrupted by signal 2 in module: sleep_timer A: 4.7 V: 4.7 A-V: 0.001 ct: 0.083 0/ 0 21% 0% 0.5% 0 0 Exiting... (Quit)

    Read the article

  • How can I create bootable DOS usb stick?

    - by Grzenio
    I need to use this utility to change one of the parameters of my new WD hard drive: http://support.wdc.com/product/download.asp?groupid=609&sid=113&lang=en It has truly unreadable instructions: Extract wdidle3.exe onto a bootable medium (floppy, CD-RW, network drive, etc.). Boot the system with the hard drive to be updated to the medium where the update file was extracted to. Run the file by typing wdidle3.exe at the command prompt and press enter. I understand that this bootable medium should be some version of DOS? How can I make my USB stick a bootable medium compatible with this utility (I don't have a diskette drive)? I have Windows 7 and Debian Linux installed.

    Read the article

  • SMS Gateway Suggestions Needed

    - by SidC
    Hi All, Our website is written using PHP and is powered by a hosted Linux web server. We want to allow our users to receive SMS messages when they've received intranet-site messages from fellow users - SMS Notification. What is required to implement this functionality? Are there open source (free?) server applications that address this? Do we need to contract with wireless carriers to send messages to their networks? What, if any fees, must be paid to them? Thanks, Sid

    Read the article

  • anonymous access to ftpd

    - by gcb
    I need FTP on my local LAN so my scanner can send me scans. I am on Debian sid. I installed ftpd and created the user anonymous. I removed anonymous from /etc/ftpusers When I try to login as anonymous it says: login failed. I can't seem to find any log file. I'm using FTP server (Version 6.4/OpenBSD/Linux-ftpd-0.17) update:I needed that so my printer had one place to store my scanned documents on the LAN. solved that buying a dedicated USB pen drive (thankfully I bought a printer one with plenty of options) but in the past this was a very simple task. Install ftpd, specify the directory for anonymous access, and be done with it. now every ftp daemon has several layers of security and chroot in it's core... this is just crazy when all you need a place for a printer to dump files in a secured network.

    Read the article

  • Can't install Ubuntu 12 into VirtualBox (USB not recognized, ISO would not boot)

    - by wvxvw
    I'm trying out VirtualBox 4.18 and wanted to install Ubuntu 12 as a test. After installing VirtualBox (on Debian squeeze/sid), creating a virtual machine for Ubuntu and pointing it in Settings Storage IDE Controllers to the ISO with the proper version of Ubuntu, checked the "Live CD" option. Tried to define the IDE as master / slave, primary / secondary - all to no effect, and trying to boot this system, I'm getting to the screen which says: FATAL: could not read from the boot medium! System halted I've copied the same ISO to the USB stick, and I can boot from the USB (outside VirtualBox). I've looked at couple of tutorials / walk-through, there's nothing I can see that I would've done wrong. So, how would I configure it to boot from the desired ISO? Below is the snapshot with the current settings (sorry, I don't know how to get them as text).

    Read the article

  • Node.js installation on Debian 6

    - by pvorb
    I used to use this method for node.js installation on Debian, since it was easy and everything worked fine. Even with multiple users. Since version 0.6.18~dfsg1-1 of the sid package, installation removes openssh-server. But I need OpenSSH to connect to my server. Is there any possibility to install Node.js via APT or do I have to compile it manually? This is my APT preferences file: Package: * Pin: release a=stable Pin-Priority: 800 Package: * Pin: release a=testing Pin-Priority: 650 Package: * Pin: release a=unstable Pin-Priority: 600

    Read the article

  • A Duplicate name exists on the network

    - by Adam
    Recently we changed out office IT structure from having a dedicated server to be the DC, a dedicated server for the exchange etc... (Each running Windows Server 2003 R2) Now we have a single server running Windows SBS 2008 and created a new domain (with a different domain name) We then changed every PC so it connected to the new domain and renamed every PC with a new naming structure. After I had done this, we were getting several PCs that would get the following message just before the login screen (Alt+Ctrl+Del Screen) A Duplicate name exists on the network I have checked the ADUC and have removed the trouble PCs from the list and renamed each PC and changed the SID before connecting back onto the domain but still getting this message. I have tried everything that i can think of but still getting the problem. Any help would be greatly appreticated.

    Read the article

  • Making a Linux laptop flight-safe; disabling wireless/radio

    - by SpoonMeiser
    I'm going on a long flight tomorrow, and would like to be able to use my laptop during the journey. Wireless devices like WiFi and bluetooth interfere with airplanes instruments, and shouldn't be used on flights. If my laptop does not have a physical rf-kill switch, is it sufficient to just ensure that the relevant modules do not get loaded? If so, is that always safe, or does it vary between different hardware? My particular situation, is a Samsung NC10 netbook. Atheros 5k wireless hardware. Debian sid with kernel 2.6.30-1-686. However, I think it'd be interesting to know the answer to this question for the general case; not just my specific case.

    Read the article

  • Can you Download the cmid.ctt File

    - by ArtistDigital
    Can you Download the cmid.ctt File Zong.com.pk http://203.82.55.30/websms/default.aspx?txt_Msg=your-name&txt_MNumber=033489667417&txt_Nick=your-name Still Waiting for Reply.... kindly more Developer to broke the Server expection function alphanumeric(alphane) { var numaric = alphane; for(var j=0; j 47 && hh<59) || (hh 64 && hh<91) || (hh 96 && hh<123)) { } else { return false; } } return true; } function charscount(msg, frm) { frm.num_chars.value = 147 - msg.length; // m = msg; } function moveDivDown() { var el = document.getElementById("chatwindow") st = el.scrollTop; el.scrollTop = el.scrollTop + 300 } function trim(str) { return str.replace(/^\s*|\s*$/g,""); } var XMLHttp; var XMLHttp2; /SEND TO SERVER/ function GetXmlHttpObject() { var objXMLHttp=null /* if (window.XMLHttpRequest) { objXMLHttp=new XMLHttpRequest() } else if (window.ActiveXObject) { objXMLHttp=new ActiveXObject("Microsoft.XMLHTTP") }*/ var ua = navigator.userAgent.toLowerCase(); if (!window.ActiveXObject) objXMLHttp = new XMLHttpRequest(); else if (ua.indexOf('msie 5') == -1) objXMLHttp = new ActiveXObject("Msxml2.XMLHTTP"); else objXMLHttp = new ActiveXObject("Microsoft.XMLHTTP"); return objXMLHttp } function updateChatWindow() { var txt_Msg, txt_mNumber, txt_Nick, myMessage txt_MNumber = document.getElementById("txt_MNumber").value txt_Msg = document.getElementById("txt_Msg").value txt_Nick = document.getElementById("txt_Nick").value txt_Nick = trim (txt_Nick) if (txt_Nick.length==0) { alert ("Please enter the Nick Name") document.getElementById("txt_Nick").focus() document.getElementById("txt_Nick").value="" return false; } if (!alphanumeric(txt_Nick)) { alert ("Please enter a valid alphanumeric Nick Name") document.getElementById("txt_Nick").value="" document.getElementById("txt_Nick").focus() return false; } if (txt_Msg.length==0) return false; if (txt_MNumber.length != 10) { alert ("Please Enter a 10 digit recipient mobile number") return false } if (!IsNumeric (txt_MNumber)) { alert ("Please Enter a valid 10 digit recipient mobile number") return false } document.getElementById("txt_Msg").value = "" document.getElementById("num_chars").value = "147" document.getElementById("txt_Msg").focus() myMessage = '' +txt_Nick + ' Says: ' + txt_Msg + '' document.getElementById("chatwindow").innerHTML= document.getElementById("chatwindow").innerHTML + myMessage moveDivDown() XMLHttp = GetXmlHttpObject() if (XMLHttp==null) { alert ("Browser does not support HTTP Request") return false; } var url="default.aspx?" url=url+"txt_Msg="+txt_Msg url=url+"&txt_MNumber="+txt_MNumber url=url+"&txt_Nick="+txt_Nick url=url+"&sid="+Math.random() XMLHttp.onreadystatechange=stateChanged XMLHttp.open("GET",url,true) XMLHttp.send(null) return false; } function stateChanged() { if (XMLHttp.readyState==4 || XMLHttp.readyState=="complete") { try { document.getElementById("chatwindow").innerHTML= document.getElementById("chatwindow").innerHTML+ XMLHttp.responseText moveDivDown() } catch (e){} } } /RECEIVE FROM SERVER/ function checkResponse() { XMLHttp2 = GetXmlHttpObject() if (XMLHttp2==null) { alert ("Browser does not support HTTP Request") return } var url="" url=url+"?r=C" url=url+"&sid="+Math.random() XMLHttp2.onreadystatechange=stateChanged2 XMLHttp2.open("GET",url,true) XMLHttp2.send(null) } function stateChanged2() { if (XMLHttp2.readyState==4 || XMLHttp2.readyState=="complete") { try { document.getElementById("chatwindow").innerHTML= document.getElementById("chatwindow").innerHTML + XMLHttp2.responseText moveDivDown() } catch (e){} //Again Check Updates after 3 Seconds setTimeout("checkResponse()", 2000); } } function IsNumeric(sText) { var ValidChars = "0123456789"; var IsNumber=true; var Char; for (i = 0; i < sText.length && IsNumber == true; i++) { Char = sText.charAt(i); if (ValidChars.indexOf(Char) == -1) { IsNumber = false; } } return IsNumber; }

    Read the article

  • Javascript/ajax/php question: sending from server to client works, sending from client to server fai

    - by Jeroen Willemsen
    Hey All, Sorry for reposting(Admins, please delete the other one!). since you guys have been a great help, I was kinda hoping that you could help me once again while having the following question: I am currently trying to work with AJAX by allowing a managerclass in PHP to communicate via an XmlHttpobject with the javascript on the clientside. However, I can send something to the client via JSON, but I cannot read it at the clientside. In fact I am getting the error that the "time" is an undefined index in Session. So I was wondering: what am I doing wrong? The javascriptcode for Ajax: <script type="text/javascript"> var sendReq = GetXmlHttpObject(); var receiveReq = GetXmlHttpObject(); var JSONIn = 0; var JSONOut= 0; //var mTimer; //function to retreive xmlHTTp object for AJAX calls (correct) function GetXmlHttpObject() { var xmlHttp=null; try { // Firefox, Opera 8.0+, Safari xmlHttp=new XMLHttpRequest(); } catch (e) { // Internet Explorer try { xmlHttp=new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); } } return xmlHttp; } //Gets the new info from the server function getUpdate() { if (receiveReq.readyState == 4 || receiveReq.readyState == 0) { receiveReq.open("GET", "index.php?json="+JSONIn+"&sid=$this->session", true); receiveReq.onreadystatechange = updateState; receiveReq.send(null); } } //send a message to the server. function sendUpdate(JSONstringsend) { JSONOut=JSONstringsend; if (sendReq.readyState == 4 || sendReq.readyState == 0) { sendReq.open("POST", "index.php?json="+JSONstringsend+"&sid=$this->session", true); sendReq.setRequestHeader('Content-Type','application/x-www-form-urlencoded'); alert(JSONstringsend); sendReq.onreadystatechange = updateCycle; sendReq.send(JSONstringsend); } } //When data has been send, update the page. function updateCycle() { getUpdate(); } function updateState() { if (receiveReq.readyState == 4) { // JSONANSWER gets here (correct): var JSONtext = sendReq.responseText; // convert received string to JavaScript object (correct) alert(JSONtext); var JSONobject = JSON.parse(JSONtext); // updates date from the JSONanswer (correct): document.getElementById("dateview").innerHTML= JSONobject.date; } //mTimer = setTimeout('getUpdate();',2000); //Refresh our chat in 2 seconds } </script> The function that actually uses the ajax code: //datepickerdata $(document).ready(function(){ $("#datepicker").datepicker({ onSelect: function(dateText){ var JSONObject = {"date": dateText}; var JSONstring = JSON.stringify(JSONObject); sendUpdate(JSONstring); }, dateFormat: 'dd-mm-yy' }); }); </script> And the PHP code: private function handleReceivedJSon($json){ $this->jsonLocal=array(); $json=$_POST["json"]; $this->jsonDecoded= json_decode($json, true); if(isset($this->jsonDecoded["date"])){ $_SESSION["date"]=$this->jsonDecoded["date"]; $this->useddate=$this->jsonDecoded; } if(isset($this->jsonDecoded["logout"])){ session_destroy(); exit("logout"); } header("Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . "GMT" ); header("Cache-Control: no-cache, must-revalidate" ); header("Pragma: no-cache" ); header("Content-Type: text/xml; charset=utf-8"); exit($json); }

    Read the article

  • Transformation of Product Management in Telecommunications for Rapid Launch of Next Generation Products

    - by raul.goycoolea
    @font-face { font-family: "Arial"; }@font-face { font-family: "Courier New"; }@font-face { font-family: "Wingdings"; }@font-face { font-family: "Cambria"; }p.MsoNormal, li.MsoNormal, div.MsoNormal { margin: 0cm 0cm 0.0001pt; font-size: 12pt; font-family: "Times New Roman"; }a:link, span.MsoHyperlink { color: blue; text-decoration: underline; }a:visited, span.MsoHyperlinkFollowed { color: purple; text-decoration: underline; }p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph { margin: 0cm 0cm 0.0001pt 36pt; font-size: 12pt; font-family: "Times New Roman"; }p.MsoListParagraphCxSpFirst, li.MsoListParagraphCxSpFirst, div.MsoListParagraphCxSpFirst { margin: 0cm 0cm 0.0001pt 36pt; font-size: 12pt; font-family: "Times New Roman"; }p.MsoListParagraphCxSpMiddle, li.MsoListParagraphCxSpMiddle, div.MsoListParagraphCxSpMiddle { margin: 0cm 0cm 0.0001pt 36pt; font-size: 12pt; font-family: "Times New Roman"; }p.MsoListParagraphCxSpLast, li.MsoListParagraphCxSpLast, div.MsoListParagraphCxSpLast { margin: 0cm 0cm 0.0001pt 36pt; font-size: 12pt; font-family: "Times New Roman"; }div.Section1 { page: Section1; }ol { margin-bottom: 0cm; }ul { margin-bottom: 0cm; } The Telecom industry continues to evolve through disruptive products, uncertain markets, shorter product lifecycles and convergence of technologies. Today’s market has moved from network centric to consumer centric and focuses primarily on the customer experience. It has resulted in several product management challenges such as an increased complexity and volume of offerings, creating product variants, accelerating time-to-market, ability to provide multiple product views for varied stakeholders, leveraging OSS intelligence to BSS layer, product co-creation and increasing audit and security concerns for service providers. The document discusses how enterprise product management enabled by PLM-based product catalogue solutions helps to launch next generation products rapidly in the context of the Telecommunication Industry.   1.0.       Introduction   Figure 1: Business Scenario   Modern business demands the launch of complex products in a very short timeframe and effecting changes in the price plan faster without IT intervention. One of the key transformation initiatives companies are focusing on is in the area of product management transformation and operational efficiency improvement. As part of these initiatives, companies are investing in best- in-class COTs-based Product Management solutions developed on industry-wide standards.   The new COTs packages are planned to integrate with existing or new B/OSS systems to provide a strategic end-to-end agile solution for reduced time-to-market and order journey time. In addition, system rationalization is being undertaken to phase out legacy systems and migrate to strategic systems.   2.0.       An Overview of Product Management in Telecom   Product data in telecom is multi- dimensional and difficult to manage. It increased significantly due to the complexity of the product, product offerings on the converged network, increased volume of offerings, bundled offering structures and ever increasing regulatory requirements.   In addition, the shrinking product lifecycle in telecom makes it difficult to manage the dynamic product data. Mergers and acquisitions coupled with organic growth pose major challenges in product portfolio management. It is a roadblock in the journey towards becoming an agile organization.       Figure 2: Complexity in Product Management   Network Technology’ is the new dimension in telecom product management where the same products are realized through different networks i.e., Soiled network to Converged network. Consequently, the product solution is different.     Figure 3: Current Scenario - Pain Points in Product Management   The major business implications arising out of the current scenario are slow time-to-market and an inefficient process that affects innovation.   3.0. Transformation of Next Generation Product Management   Companies must focus on their Product Management Transformation Journey in the areas of:   ·       Management of single truth of product information across the organization/geographies which is currently managed in heterogeneous systems   ·       Management of the Intellectual Property (IP) on the product concept and partnership in the design of discrete components to integrate into the system   ·       Leveraging structured and unstructured product data within the extended enterprise to extract consumer insights and drive innovation   ·       Management of effective operational separation to comply with regulatory bodies   ·       Reuse of existing designs and add relevant features such as value-added services to enable effective product bundling     Figure 4: Next generation needs   PLM-based Enterprise Product Catalogue solutions efficiently address the above requirements and act as an enabler towards product management transformation and rapid product launch.   4.0. PLM-based Enterprise Product Management     Figure 5: PLM-based Enterprise Product Mastering   Enterprise Product Management (EPM) enables the business to manage complex product attributes of data in complex environments. Product Mastering helps create a 'single view' of the product by creating a business-driven, IT-supported environment where a global 'single truth record' is created, managed and reused.   4.1 The Business Case for Telco PLM-based solutions for Enterprise Product Management   ·       Telco PLM-based Product Mastering solutions provide a centralized authoring environment for product definition and control of all product data and rules   ·       PLM packages are designed to support multiple perspectives of product data (ordering perspective, billing perspective, provisioning perspective)   ·       Maintains relationships/links between different elements of the entire product definition   ·       Telco PLM packages are specialized in next generation lifecycle management requirements of products such as revision and state management, test and release management, role management and impact analysis)   ·       Takes into consideration all aspects of OSS product requirements compared to CRM product catalogue solutions where the product data managed is mostly order oriented and transactional     ·       New breed of Telco PLM packages are designed with 'open' standards such as SID and eTOM. They are interoperable, support integration frameworks such as subscription and notification.   ·       Telco PLM packages have developed good collaboration frameworks to integrate suppliers and partners into the product development value chain   4.2 Various Architectures/Approaches for Product Mastering using Telco PLM systems   4. 2.a Single Central Product Management (Mastering) Approach   Figure 6: Single Central Product Management (Master) Approach       This approach is implemented across verticals such as aerospace and automotive. It focuses on a physically centralized product master to which other sources are dependent on. The product definition data (Product bundles, service bundles, price plans, offers and discounts, product configuration rules and market campaigns) is created and maintained physically in a centralized environment. In addition, the product definition/authoring environment is centralized. The existing legacy product definition data available in CRM product catalogue, billing catalogue and the legacy product catalogue is migrated to the centralized PLM-based Enterprise Product Management solution.   Architectural changes must be made in the existing business landscape of applications to create and revise data because the applications have to refer to the central repository for approvals and validation of product configurations. It is achieved by modifying how the applications write data or how the applications can be adapted to use the rules to be managed and published.   Complete product configuration validation will be done in enterprise / central product catalogue and final configuration will be sent to the B/OSS system through the SOA compliant product distribution architecture. The approach/architecture enables greater control in terms of product data management and product data governance.   4.2.b Federated Product Management (Mastering) Architecture     Figure 7: Federated Product Management (Mastering) Architecture   In the federated product mastering approach, the basic unique product definition data (product id, description product hierarchy, basic price plans and simple product design rules) will be centrally created and will be maintained. And, the advanced product definition (Product bundling, promotions, offers & discount plans) will be created in respective down stream OSS systems. The advanced product definition (Product bundling, promotions, offers and discount plans) will be created in respective downstream OSS systems.   For example, basic product definitions such as attributes, product hierarchy and basic price plans will be created and maintained in Enterprise/Central product reference catalogue and distributed to downstream OSS systems. Respective downstream OSS systems build product bundles, promotions, advanced price plans over the basic product definition and master the advanced product definition. Central reference database accesses the respective other source product master data and assembles a point-in-time consolidated view of the product. The approach is typically adapted in some merger and acquisition scenarios where there is a low probability of a central physical authority managing the data. In addition, the migration effort in this case is minimal and there are no big architectural changes to the organization application landscape. However, this approach will not result in better product data management and data governance.   5.0 Customer Scenario – Before EPC deployment   A leading global telecommunications service provider wanted to launch a quad play and triple play service offering in the shortest possible lead time. The service provider was offering Broadband and VoIP services to customers. The company wanted to reuse a majority of the Broadband services and price plans and bundle them with new wireless and IPTV services for quad play and triple play. The challenges in launching the new service offerings were:       Figure 8: Triple Play Plan   ·       Broadband product data was stored in multiple product catalogues (CRM catalogue, Billing catalogue, spread sheets)   ·       Product managers spent a lot of time performing tasks involving duplication or re-keying of data. Manual effort caused errors, cost and time over-runs.   ·       No effective product and price data governance mechanism. Price change issues arising from the lack of data consistency across systems resulted in leakage of customer value and revenue.   ·       Product data had re-usability issues and was not in a structured format. It resulted in uncontrolled product portfolio creation and product management issues.   ·       Lack of enterprise product model resulted into product distribution challenges and thus delays in product launch.   ·       Designers are constrained by existing legacy product management solutions to model product/service requirements and product configuration rules such as upgrading, downgrading and cross selling.    5.1 Customer Scenario - After EPC deployment     Figure 9: SOA-based end-to-end EPC Solution   The company deployed PLM-based Enterprise Product Catalogue solutions to launch quad play service after evaluating various product catalogues. The broadband product offering, service and price data were migrated to the new system, and the product and price plan hierarchy for new offerings were created using the entities defined in the Enterprise Product Model. Supplier product catalogue data such as routers and set up boxes were loaded onto the new solution through SOA-based web service. Price plans and configuration rules were built in the new system. The validated final product configurations were extracted from the product catalogue in a SID format and were distributed to the downstream B/OSS systems through exposed SOA-based web services. The transformations required for the B/OSS system were handled using the transformation layer as part of the solution.   6.0 How PLM enabled Product Management Transformation         Figure 10: Product Management Transformation     PLM-based Product Catalogue Solution helped the customer reduce the product launch cycle time by 30% and enable transformation of Product Management for next generation services.   7.0 Conclusion   On the one hand, the telecom industry is undergoing changes due to disruptions, uncertain product markets and increased complexity of products. On the other hand, the ARPU is decreasing year-on-year. Communications Service Providers are embarking on convergence, bundled service offerings, flexibility to cross-sell and up-sell, introduce new value-added services, leverage Web 2.0 concepts and network capabilities. Consequently, large scale IT transformation initiatives to improve their ARPU supporting network and business transformations are a business imperative. Product Management has become a focus area. Companies are investing in best-in- class COTS solutions to reduce time-to-market, ensure rapid service delivery and improve operational efficiency. An efficient PLM-based enterprise product mastering solution plays a key role in achieving zero touch automation and rapid product launch.   References:   1.     Preston G.Smith, Donald G.Reineristsem, Van Nostrand Reinhold “Developing Products in Half the time”.   2.     John G. Innes, "Achieving Successful Product Change", Pitman Publishing.   3.     D T Pham and R M Setchi (16th Jan, 2001) "Authoring environment for documentation development" University of Wales Cardiff, U.K., Proceedings on Institution of Mechanical Engineers, Vol. 215, Part B.   4.     Oracle Product Hub for Communications:   http://www.oracle.com/us/products/applications/master-data-management/product-hub-082059.html  

    Read the article

  • IIS 7 Authentication: Certain users can't authenticate, while almost all others can.

    - by user35335
    I'm using IIS 7 Digest authentication to control access to a certain directory containing files. Users access the files through a department website from inside our network and outside. I've set NTFS permissions on the directory to allow a certain AD group to view the files. When I click a link to one of those files on the website I get prompted for a username and password. With most users everything works fine, but with a few of them it prompts for a password 3 times and then get: 401 - Unauthorized: Access is denied due to invalid credentials. But other users that are in the group can get in without a problem. If I switch it over to Windows Authentication, then the trouble users can log in fine. That directory is also shared, and users that can't log in through the website are able to browse to the share and view files in it, so I know that the permissions are ok. Here's the portion of the IIS log where I tried to download the file (/assets/files/secure/WWGNL.pdf): 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bullet.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bgOFF.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:21 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 2 5 0 2010-02-19 19:47:36 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 0 2010-02-19 19:47:43 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:46 xxx.xxx.xxx.xxx GET /manager/media/script/_session.gif 0.19665693119168282 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 203 2010-02-19 19:47:46 xxx.xxx.xxx.xxx POST /manager/index.php - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 296 2010-02-19 19:47:56 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:59 xxx.xxx.xxx.xxx GET /favicon.ico - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 404 0 2 0 Here's the Failed Logon attempt in the Security Log: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 2/19/2010 11:47:43 AM Event ID: 4625 Task Category: Logon Level: Information Keywords: Audit Failure User: N/A Computer: WEB4.net.domain.org Description: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: jim.lastname Account Domain: net.domain.org Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc000006a Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: - Source Network Address: 10.5.16.138 Source Port: 50065 Detailed Authentication Information: Logon Process: WDIGEST Authentication Package: WDigest Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon request fails. It is generated on the computer where access was attempted. The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network). The Process Information fields indicate which account and process on the system requested the logon. The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>4625</EventID> <Version>0</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2010-02-19T19:47:43.890Z" /> <EventRecordID>2276316</EventRecordID> <Correlation /> <Execution ProcessID="612" ThreadID="692" /> <Channel>Security</Channel> <Computer>WEB4.net.domain.org</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-0-0</Data> <Data Name="SubjectUserName">-</Data> <Data Name="SubjectDomainName">-</Data> <Data Name="SubjectLogonId">0x0</Data> <Data Name="TargetUserSid">S-1-0-0</Data> <Data Name="TargetUserName">jim.lastname</Data> <Data Name="TargetDomainName">net.domain.org</Data> <Data Name="Status">0xc000006d</Data> <Data Name="FailureReason">%%2313</Data> <Data Name="SubStatus">0xc000006a</Data> <Data Name="LogonType">3</Data> <Data Name="LogonProcessName">WDIGEST</Data> <Data Name="AuthenticationPackageName">WDigest</Data> <Data Name="WorkstationName">-</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">10.5.16.138</Data> <Data Name="IpPort">50065</Data> </EventData> </Event>

    Read the article

  • Openvpn plugin openvpn-auth-ldap does not bind to Active Directory

    - by Selivanov Pavel
    I'm trying to configure OpenVPN with openvpn-auth-ldap plugin to authorize users via Active Directory LDAP. When I use the same server config without plugin option, and add client config with generated client key and cert, connection is successful, so problem is in the plugin. server.conf: plugin /usr/lib/openvpn/openvpn-auth-ldap.so "/etc/openvpn-test/openvpn-auth-ldap.conf" port 1194 proto tcp dev tun keepalive 10 60 topology subnet server 10.0.2.0 255.255.255.0 tls-server ca ca.crt dh dh1024.pem cert server.crt key server.key #crl-verify crl.pem persist-key persist-tun user nobody group nogroup verb 3 mute 20 openvpn-auth-ldap.conf: <LDAP> URL ldap://dc1.domain:389 TLSEnable no BindDN cn=bot_auth,cn=Users,dc=domain Password bot_auth Timeout 15 FollowReferrals yes </LDAP> <Authorization> BaseDN "cn=Users,dc=domain" SearchFilter "(sAMAccountName=%u)" RequireGroup false # <Group> # BaseDN "ou=groups,dc=mycompany,dc=local" # SearchFilter "(|(cn=developers)(cn=artists))" # MemberAttribute uniqueMember # </Group> </Authorization> Top-level domain in AD is used by historical reasons. Analogue configuration is working for Apache 2.2 in mod-authzn-ldap. User and password are correct. client.conf: remote server_name port 1194 proto tcp client pull remote-cert-tls server dev tun resolv-retry infinite nobind ca ca.crt ; with keys - works fine #cert test.crt #key test.key ; without keys - by password auth-user-pass persist-tun verb 3 mute 20 In server log there is string PLUGIN_INIT: POST /usr/lib/openvpn/openvpn-auth-ldap.so '[/usr/lib/openvpn/openvpn-auth-ldap.so] [/etc/openvpn-test/openvpn-auth-ldap.conf]' which indicates, that plugin failed. I can telnet to dc1.domain:389, so this is not network/firewall problem. Later server says TLS Error: TLS object -> incoming plaintext read error TLS handshake failed - without plugin it tryes to do usal key authentification. server log: Tue Nov 22 03:06:20 2011 OpenVPN 2.1.3 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 21 2010 Tue Nov 22 03:06:20 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Nov 22 03:06:20 2011 PLUGIN_INIT: POST /usr/lib/openvpn/openvpn-auth-ldap.so '[/usr/lib/openvpn/openvpn-auth-ldap.so] [/etc/openvpn-test/openvpn-auth-ldap.conf]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT Tue Nov 22 03:06:20 2011 Diffie-Hellman initialized with 1024 bit key Tue Nov 22 03:06:20 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue Nov 22 03:06:20 2011 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Tue Nov 22 03:06:20 2011 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Nov 22 03:06:20 2011 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Nov 22 03:06:20 2011 TLS-Auth MTU parms [ L:1543 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Nov 22 03:06:20 2011 Socket Buffers: R=[87380->131072] S=[16384->131072] Tue Nov 22 03:06:20 2011 TUN/TAP device tun1 opened Tue Nov 22 03:06:20 2011 TUN/TAP TX queue length set to 100 Tue Nov 22 03:06:20 2011 /sbin/ifconfig tun1 10.0.2.1 netmask 255.255.255.0 mtu 1500 broadcast 10.0.2.255 Tue Nov 22 03:06:20 2011 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ] Tue Nov 22 03:06:20 2011 GID set to nogroup Tue Nov 22 03:06:20 2011 UID set to nobody Tue Nov 22 03:06:20 2011 Listening for incoming TCP connection on [undef] Tue Nov 22 03:06:20 2011 TCPv4_SERVER link local (bound): [undef] Tue Nov 22 03:06:20 2011 TCPv4_SERVER link remote: [undef] Tue Nov 22 03:06:20 2011 MULTI: multi_init called, r=256 v=256 Tue Nov 22 03:06:20 2011 IFCONFIG POOL: base=10.0.2.2 size=252 Tue Nov 22 03:06:20 2011 MULTI: TCP INIT maxclients=1024 maxevents=1028 Tue Nov 22 03:06:20 2011 Initialization Sequence Completed Tue Nov 22 03:07:10 2011 MULTI: multi_create_instance called Tue Nov 22 03:07:10 2011 Re-using SSL/TLS context Tue Nov 22 03:07:10 2011 Control Channel MTU parms [ L:1543 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Nov 22 03:07:10 2011 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ] Tue Nov 22 03:07:10 2011 Local Options hash (VER=V4): 'c413e92e' Tue Nov 22 03:07:10 2011 Expected Remote Options hash (VER=V4): 'd8421bb0' Tue Nov 22 03:07:10 2011 TCP connection established with [AF_INET]10.0.0.9:47808 Tue Nov 22 03:07:10 2011 TCPv4_SERVER link local: [undef] Tue Nov 22 03:07:10 2011 TCPv4_SERVER link remote: [AF_INET]10.0.0.9:47808 Tue Nov 22 03:07:11 2011 10.0.0.9:47808 TLS: Initial packet from [AF_INET]10.0.0.9:47808, sid=a2cd4052 84b47108 Tue Nov 22 03:07:11 2011 10.0.0.9:47808 TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate Tue Nov 22 03:07:11 2011 10.0.0.9:47808 TLS Error: TLS object -> incoming plaintext read error Tue Nov 22 03:07:11 2011 10.0.0.9:47808 TLS Error: TLS handshake failed Tue Nov 22 03:07:11 2011 10.0.0.9:47808 Fatal TLS error (check_tls_errors_co), restarting Tue Nov 22 03:07:11 2011 10.0.0.9:47808 SIGUSR1[soft,tls-error] received, client-instance restarting Tue Nov 22 03:07:11 2011 TCP/UDP: Closing socket client log: Tue Nov 22 03:06:18 2011 OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 22 2010 Enter Auth Username:user Enter Auth Password: Tue Nov 22 03:06:25 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Nov 22 03:06:25 2011 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Tue Nov 22 03:06:25 2011 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Nov 22 03:06:25 2011 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Nov 22 03:06:25 2011 Control Channel MTU parms [ L:1543 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Nov 22 03:06:25 2011 Socket Buffers: R=[87380->131072] S=[16384->131072] Tue Nov 22 03:06:25 2011 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ] Tue Nov 22 03:06:25 2011 Local Options hash (VER=V4): 'd8421bb0' Tue Nov 22 03:06:25 2011 Expected Remote Options hash (VER=V4): 'c413e92e' Tue Nov 22 03:06:25 2011 Attempting to establish TCP connection with [AF_INET]10.0.0.2:1194 [nonblock] Tue Nov 22 03:06:26 2011 TCP connection established with [AF_INET]10.0.0.2:1194 Tue Nov 22 03:06:26 2011 TCPv4_CLIENT link local: [undef] Tue Nov 22 03:06:26 2011 TCPv4_CLIENT link remote: [AF_INET]10.0.0.2:1194 Tue Nov 22 03:06:26 2011 TLS: Initial packet from [AF_INET]10.0.0.2:1194, sid=7a3c2a0f bd35bca7 Tue Nov 22 03:06:26 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Tue Nov 22 03:06:26 2011 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/[email protected] Tue Nov 22 03:06:26 2011 Validating certificate key usage Tue Nov 22 03:06:26 2011 ++ Certificate has key usage 00a0, expects 00a0 Tue Nov 22 03:06:26 2011 VERIFY KU OK Tue Nov 22 03:06:26 2011 Validating certificate extended key usage Tue Nov 22 03:06:26 2011 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Tue Nov 22 03:06:26 2011 VERIFY EKU OK Tue Nov 22 03:06:26 2011 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/[email protected] Tue Nov 22 03:06:26 2011 Connection reset, restarting [0] Tue Nov 22 03:06:26 2011 TCP/UDP: Closing socket Tue Nov 22 03:06:26 2011 SIGUSR1[soft,connection-reset] received, process restarting Tue Nov 22 03:06:26 2011 Restart pause, 5 second(s) ^CTue Nov 22 03:06:27 2011 SIGINT[hard,init_instance] received, process exiting Does anybody know how to get openvpn-auth-ldap wirking?

    Read the article

  • openvpn: after changing to server mode, client does not create TUN device

    - by lurscher
    i had a previously working configuration with the config files used in a previous question However, i've changed this now to the following configuration using server mode, everything on the logs seem fine, however the client doesn't create any tun interface, so i don't have anything to connect to, presumably, i need to add or push some route commands, but i don't have any idea at this point what i need to do. I am posting all my relevant configuration files server.conf: dev tun server 10.8.117.0 255.255.255.0 ifconfig-pool-persist ipp.txt tls-server dh /home/lurscher/keys/dh1024.pem ca /home/lurscher/keys/ca.crt cert /home/lurscher/keys/vpnCh8TestServer.crt key /home/lurscher/keys/vpnCh8TestServer.key status openvpn-status.log log openvpn.log comp-lzo verb 3 and client.conf: dev tun remote my.server.com tls-client ca /home/chuckq/keys/ca.crt cert /home/chuckq/keys/vpnCh8TestClient.crt key /home/chuckq/keys/vpnCh8TestClient.key ns-cert-type server ; port 1194 ; user nobody ; group nogroup status openvpn-status.log log openvpn.log comp-lzo verb 3 the server ifconfig shows a tun device: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.117.1 P-t-P:10.8.117.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) However the client ifconfig does not show any tun interface! $ ifconfig tun0 tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 POINTOPOINT NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) the client log says: Tue May 17 23:27:09 2011 OpenVPN 2.1.0 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010 Tue May 17 23:27:09 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue May 17 23:27:09 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue May 17 23:27:09 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue May 17 23:27:09 2011 LZO compression initialized Tue May 17 23:27:09 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:27:09 2011 TUN/TAP device tun0 opened Tue May 17 23:27:09 2011 TUN/TAP TX queue length set to 100 Tue May 17 23:27:09 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:27:09 2011 Local Options hash (VER=V4): '41690919' Tue May 17 23:27:09 2011 Expected Remote Options hash (VER=V4): '530fdded' Tue May 17 23:27:09 2011 Socket Buffers: R=[114688->131072] S=[114688->131072] Tue May 17 23:27:09 2011 UDPv4 link local (bound): [undef] Tue May 17 23:27:09 2011 UDPv4 link remote: [AF_INET]192.168.0.101:1194 Tue May 17 23:27:09 2011 TLS: Initial packet from [AF_INET]192.168.0.101:1194, sid=8e8bdc33 f4275407 Tue May 17 23:27:09 2011 VERIFY OK: depth=1, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:09 2011 VERIFY OK: nsCertType=SERVER Tue May 17 23:27:09 2011 VERIFY OK: depth=0, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=vpnCh8TestServer/name=lurscher/[email protected] Tue May 17 23:27:09 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:09 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:09 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:09 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:09 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue May 17 23:27:09 2011 [vpnCh8TestServer] Peer Connection Initiated with [AF_INET]192.168.0.101:1194 Tue May 17 23:27:10 2011 Initialization Sequence Completed the client status log: OpenVPN STATISTICS Updated,Tue May 17 23:30:09 2011 TUN/TAP read bytes,0 TUN/TAP write bytes,0 TCP/UDP read bytes,5604 TCP/UDP write bytes,4244 Auth read bytes,0 pre-compress bytes,0 post-compress bytes,0 pre-decompress bytes,0 post-decompress bytes,0 END and the server log says: Tue May 17 23:18:25 2011 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010 Tue May 17 23:18:25 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue May 17 23:18:25 2011 WARNING: --keepalive option is missing from server config Tue May 17 23:18:25 2011 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Tue May 17 23:18:25 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue May 17 23:18:25 2011 Diffie-Hellman initialized with 1024 bit key Tue May 17 23:18:25 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue May 17 23:18:25 2011 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:18:25 2011 ROUTE default_gateway=192.168.0.1 Tue May 17 23:18:25 2011 TUN/TAP device tun0 opened Tue May 17 23:18:25 2011 TUN/TAP TX queue length set to 100 Tue May 17 23:18:25 2011 /sbin/ifconfig tun0 10.8.117.1 pointopoint 10.8.117.2 mtu 1500 Tue May 17 23:18:25 2011 /sbin/route add -net 10.8.117.0 netmask 255.255.255.0 gw 10.8.117.2 Tue May 17 23:18:25 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:18:25 2011 Socket Buffers: R=[126976->131072] S=[126976->131072] Tue May 17 23:18:25 2011 UDPv4 link local (bound): [undef] Tue May 17 23:18:25 2011 UDPv4 link remote: [undef] Tue May 17 23:18:25 2011 MULTI: multi_init called, r=256 v=256 Tue May 17 23:18:25 2011 IFCONFIG POOL: base=10.8.117.4 size=62 Tue May 17 23:18:25 2011 IFCONFIG POOL LIST Tue May 17 23:18:25 2011 vpnCh8TestClient,10.8.117.4 Tue May 17 23:18:25 2011 Initialization Sequence Completed Tue May 17 23:27:22 2011 MULTI: multi_create_instance called Tue May 17 23:27:22 2011 192.168.0.104:1194 Re-using SSL/TLS context Tue May 17 23:27:22 2011 192.168.0.104:1194 LZO compression initialized Tue May 17 23:27:22 2011 192.168.0.104:1194 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:27:22 2011 192.168.0.104:1194 Local Options hash (VER=V4): '530fdded' Tue May 17 23:27:22 2011 192.168.0.104:1194 Expected Remote Options hash (VER=V4): '41690919' Tue May 17 23:27:22 2011 192.168.0.104:1194 TLS: Initial packet from [AF_INET]192.168.0.104:1194, sid=8972b565 79323f68 Tue May 17 23:27:22 2011 192.168.0.104:1194 VERIFY OK: depth=1, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:22 2011 192.168.0.104:1194 VERIFY OK: depth=0, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:22 2011 192.168.0.104:1194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue May 17 23:27:22 2011 192.168.0.104:1194 [vpnCh8TestClient] Peer Connection Initiated with [AF_INET]192.168.0.104:1194 Tue May 17 23:27:22 2011 vpnCh8TestClient/192.168.0.104:1194 MULTI: Learn: 10.8.117.6 -> vpnCh8TestClient/192.168.0.104:1194 Tue May 17 23:27:22 2011 vpnCh8TestClient/192.168.0.104:1194 MULTI: primary virtual IP for vpnCh8TestClient/192.168.0.104:1194: 10.8.117.6 finally, the server status log: OpenVPN CLIENT LIST Updated,Tue May 17 23:36:25 2011 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since vpnCh8TestClient,192.168.0.104:1194,4244,5604,Tue May 17 23:27:22 2011 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.8.117.6,vpnCh8TestClient,192.168.0.104:1194,Tue May 17 23:27:22 2011 GLOBAL STATS Max bcast/mcast queue length,0 END

    Read the article

  • Spring security annotations with EL -- requires debug information compiled in?

    - by HDave
    I am considering using Spring Security annotations for my application, with the EL (expression language) feature. For example: @PreAuthorize("hasPermission(#contact, 'admin')") public void deletePermission(Contact contact, Sid recipient, Permission permission); I need the EL capability because I have built my own ACL implementation. However, to use this capability with the "#contact" type arguments, the Spring documentation says this: You can access any of the method arguments by name as expression variables, provided your code has debug information compiled in. This begs two questions: It is acceptable to have a production application commercially distributed with debug info in it? If not, is there any way around this? Thanks for any guidance on this!

    Read the article

  • MOSS 2007 BDC Profile Import fails for a few users

    - by Hobber
    We have set up a BDC Profile Import for Sharepoint 2007 and it works well for 99% of the users. A handful fails with the "Exception occured when calling into BIL connector for import from non master data source" message in the crawl log, though The ULS logs reveal the following information: Exception Profile Import: Exception occured when importing user: '[redacted]\[redacted]'. Microsoft.Office.Server.UserProfiles.PropertyInvalidValueException: Invalid Property Value: Could not find SID corresponding to input account name I have confirmed that the user has a sharepoint profile matching the username is a valid domain user exists in AD Can anyone help med troubleshoot this?

    Read the article

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >